From 3347ca4d7484d9141b189462e169b2be4d324632 Mon Sep 17 00:00:00 2001
From: 江强 <jiangq@powerlbs.com>
Date: 星期二, 27 七月 2021 09:33:12 +0800
Subject: [PATCH] fix:Issue #I42GRW   修复任意账户越权漏洞

---
 ruoyi-system/src/main/resources/mapper/system/SysOperLogMapper.xml |    8 ++++----
 1 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/ruoyi-system/src/main/resources/mapper/system/SysOperLogMapper.xml b/ruoyi-system/src/main/resources/mapper/system/SysOperLogMapper.xml
index e70b7bf..2359a49 100644
--- a/ruoyi-system/src/main/resources/mapper/system/SysOperLogMapper.xml
+++ b/ruoyi-system/src/main/resources/mapper/system/SysOperLogMapper.xml
@@ -54,11 +54,11 @@
 			<if test="operName != null and operName != ''">
 				AND oper_name like concat('%', #{operName}, '%')
 			</if>
-			<if test="beginTime != null and beginTime != ''"><!-- 开始时间检索 -->
-				and date_format(oper_time,'%y%m%d') &gt;= date_format(#{beginTime},'%y%m%d')
+			<if test="params.beginTime != null and params.beginTime != ''"><!-- 开始时间检索 -->
+				and date_format(oper_time,'%y%m%d') &gt;= date_format(#{params.beginTime},'%y%m%d')
 			</if>
-			<if test="endTime != null and endTime != ''"><!-- 结束时间检索 -->
-				and date_format(oper_time,'%y%m%d') &lt;= date_format(#{endTime},'%y%m%d')
+			<if test="params.endTime != null and params.endTime != ''"><!-- 结束时间检索 -->
+				and date_format(oper_time,'%y%m%d') &lt;= date_format(#{params.endTime},'%y%m%d')
 			</if>
 		</where>
 		order by oper_id desc

--
Gitblit v1.9.2